<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_Acl
 * @subpackage Helper
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @version    $Id: Url.php 10664 2008-08-05 10:56:06Z matthew $
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */

/**
 * Helper for making easy access to acl class
 *
 * @package    Zend_Acl
 * @subpackage Helper
 * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 */
class Core_View_Helper_Acl extends Zend_View_Helper_Abstract
{
	/**
	 * @var Core_Controller_Plugin_Acl
	 **/
	protected $_aclPlugin;

	/**
	 * Constructor
	 *
	 * @return void
	 **/
	function __construct()
	{
		$this->_aclPlugin = $this->getAclPlugin();
	}

	/**
	 * Return Acl Helper object
	 *
	 * Returns Acl helper object
	 *
	 * @return Core_View_Helper_Acl
	 */
	public function acl()
	{
		return $this;
	}

	/**
	 * Returns true if and only if the Role has access to the Resource
	 *
	 * The $role and $resource parameters may be references to, or the string identifiers for,
	 * an existing Resource and Role combination.
	 *
	 * If either $role or $resource is null, then the query applies to all Roles or all Resources,
	 * respectively. Both may be null to query whether the ACL has a "blacklist" rule
	 * (allow everything to all). By default, Zend_Acl creates a "whitelist" rule (deny
	 * everything to all), and this method would return false unless this default has
	 * been overridden (i.e., by executing $acl->allow()).
	 *
	 * If a $privilege is not provided, then this method returns false if and only if the
	 * Role is denied access to at least one privilege upon the Resource. In other words, this
	 * method returns true if and only if the Role is allowed all privileges on the Resource.
	 *
	 * This method checks Role inheritance using a depth-first traversal of the Role registry.
	 * The highest priority parent (i.e., the parent most recently added) is checked first,
	 * and its respective parents are checked similarly before the lower-priority parents of
	 * the Role are checked.
	 *
	 * @param  Zend_Acl_Role_Interface|string     $role
	 * @param  Zend_Acl_Resource_Interface|string $resource
	 * @param  string                             $privilege
	 * @uses   Zend_Acl::get()
	 * @uses   Zend_Acl_Role_Registry::get()
	 * @return boolean
	 */
	public function isAllowed($role = null, $resource = null, $privilege = null)
	{
		if (empty($role))
			$role = $this->_aclPlugin->getRoleName();
		
		return $this->_aclPlugin->getAcl()->isAllowed($role, $resource, $privilege);
	}

	/**
	 * Returns the Acl Plugin object
	 *
	 * @return Core_Controller_Plugin_Acl
	 **/
	public function getAclPlugin()
	{
		if (null === $this->_aclPlugin) {
			$front = Zend_Controller_Front::getInstance();
			if ($front->hasPlugin('Core_Controller_Plugin_Acl')) {
				$this->_aclPlugin = $front->getPlugin('Core_Controller_Plugin_Acl');
			} else {
				$front->registerPlugin(new Core_Controller_Plugin_Acl());
				$this->_aclPlugin = $this->getAclPlugin();
			}
		}

		return $this->_aclPlugin;
	}
}
